Skip to content

Commit

Permalink
feat(source-aws-v2): support using a role object for role creation
Browse files Browse the repository at this point in the history
  • Loading branch information
@blacha
blacha committed May 10, 2022
1 parent c23b71f commit ecb2837
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 3 deletions.
18 changes: 18 additions & 0 deletions packages/source-aws-v2/src/__test__/s3.credentials.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,24 @@ o.spec('AwsCredentials', () => {
o(stub.args[1][0].params.DurationSeconds).equals(3601);
});

o('should create a role from a object', () => {
const stub = sandbox.stub(aws, 'ChainableTemporaryCredentials');

AwsCredentials.fsFromRole({ roleArn: 'arn:abc', externalId: 'abc', durationSeconds: 50 });
o(stub.calledOnce).equals(true);

o(stub.args[0][0].params.RoleArn).equals('arn:abc');
o(stub.args[0][0].params.ExternalId).equals('abc');
o(stub.args[0][0].params.DurationSeconds).equals(50);

AwsCredentials.fsFromRole({ roleArn: 'arn:foo' });
o(stub.calledTwice).equals(true);

o(stub.args[1][0].params.RoleArn).equals('arn:foo');
o(stub.args[1][0].params.ExternalId).equals(undefined);
o(stub.args[1][0].params.DurationSeconds).equals(3600);
});

o('should cache by roleArn', () => {
const stub = sandbox.stub(aws, 'ChainableTemporaryCredentials');
AwsCredentials.role('arn:foo:bar');
Expand Down
20 changes: 17 additions & 3 deletions packages/source-aws-v2/src/s3.credentials.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,12 @@ import aws from 'aws-sdk/lib/core.js';
import S3 from 'aws-sdk/clients/s3.js';
import { FsAwsS3 } from '@chunkd/source-aws';

interface RoleObject {
roleArn: string;
externalId?: string;
durationSeconds?: number;
}

export class AwsCredentials {
static DefaultRoleDurationSeconds = 3600;
static cache: Map<string, Credentials> = new Map();
Expand All @@ -11,10 +17,18 @@ export class AwsCredentials {
* Create a FsS3 instance from a role arn
*
* @example
* Fs3.fromRoleArn('arn:foo', externalId, 900);
* FsS3.fromRoleArn('arn:bar');
*```typescript
* AwsCredentials.fromRoleArn('arn:foo', externalId, 900);
* AwsCredentials.fromRoleArn('arn:bar');
* AwsCredentials.fromRoleArn({ roleArn: 'arn:foo', externalId: 'bar', 'durationSeconds': 10})
* ```
*/
static fsFromRole(roleArn: string, externalId?: string, durationSeconds?: number): FsAwsS3 {
static fsFromRole(roleArn: RoleObject): FsAwsS3;
static fsFromRole(roleArn: string, externalId?: string, durationSeconds?: number): FsAwsS3;
static fsFromRole(roleArn: string | RoleObject, externalId?: string, durationSeconds?: number): FsAwsS3 {
if (typeof roleArn === 'object') {
return AwsCredentials.fsFromRole(roleArn.roleArn, roleArn.externalId, roleArn.durationSeconds);
}
const credentials = AwsCredentials.role(roleArn, externalId, durationSeconds);
return new FsAwsS3(new S3({ credentials }));
}
Expand Down

0 comments on commit ecb2837

Please sign in to comment.